Documentation ¶
Index ¶
- func GetSupportedOauth2TokenExchangeJwtAlgorithms() []string
- func NewAccessTokenCredentials(accessToken string, opts ...credentials.AccessTokenCredentialsOption) *credentials.AccessToken
- func NewAnonymousCredentials(opts ...credentials.AnonymousCredentialsOption) *credentials.Anonymous
- func NewFixedTokenSource(token, tokenType string) credentials.TokenSource
- func NewJWTTokenSource(opts ...credentials.JWTTokenSourceOption) (credentials.TokenSource, error)
- func NewStaticCredentials(user, password, authEndpoint string, ...) *credentials.Static
- func WithAudience(audience string, audiences ...string) oauthCredentialsAndJWTCredentialsOption
- func WithECPrivateKeyPEMContent(key []byte) credentials.JWTTokenSourceOption
- func WithECPrivateKeyPEMFile(path string) credentials.JWTTokenSourceOption
- func WithGrpcDialOptions(opts ...grpc.DialOption) credentials.StaticCredentialsOption
- func WithHMACSecretKey(key []byte) credentials.JWTTokenSourceOption
- func WithHMACSecretKeyBase64Content(base64KeyContent string) credentials.JWTTokenSourceOption
- func WithHMACSecretKeyBase64File(path string) credentials.JWTTokenSourceOption
- func WithHMACSecretKeyFile(path string) credentials.JWTTokenSourceOption
- func WithID(id string) credentials.JWTTokenSourceOption
- func WithIssuer(issuer string) credentials.JWTTokenSourceOption
- func WithKeyID(id string) credentials.JWTTokenSourceOption
- func WithPrivateKey(key interface{}) credentials.JWTTokenSourceOption
- func WithRSAPrivateKeyPEMContent(key []byte) credentials.JWTTokenSourceOption
- func WithRSAPrivateKeyPEMFile(path string) credentials.JWTTokenSourceOption
- func WithSigningMethod(method jwt.SigningMethod) credentials.JWTTokenSourceOption
- func WithSigningMethodName(method string) credentials.JWTTokenSourceOption
- func WithSourceInfo(sourceInfo string) credentials.SourceInfoOption
- func WithSubject(subject string) credentials.JWTTokenSourceOption
- func WithTokenTTL(ttl time.Duration) credentials.JWTTokenSourceOption
- type Credentials
- type Oauth2TokenExchangeCredentialsOption
- func WithActorToken(actorToken credentials.TokenSource) Oauth2TokenExchangeCredentialsOption
- func WithFixedActorToken(token, tokenType string) Oauth2TokenExchangeCredentialsOption
- func WithFixedSubjectToken(token, tokenType string) Oauth2TokenExchangeCredentialsOption
- func WithGrantType(grantType string) Oauth2TokenExchangeCredentialsOption
- func WithJWTActorToken(opts ...credentials.JWTTokenSourceOption) Oauth2TokenExchangeCredentialsOption
- func WithJWTSubjectToken(opts ...credentials.JWTTokenSourceOption) Oauth2TokenExchangeCredentialsOption
- func WithRequestTimeout(timeout time.Duration) Oauth2TokenExchangeCredentialsOption
- func WithRequestedTokenType(requestedTokenType string) Oauth2TokenExchangeCredentialsOption
- func WithResource(resource string, resources ...string) Oauth2TokenExchangeCredentialsOption
- func WithScope(scope string, scopes ...string) Oauth2TokenExchangeCredentialsOption
- func WithSubjectToken(subjectToken credentials.TokenSource) Oauth2TokenExchangeCredentialsOption
- func WithSyncExchangeTimeout(timeout time.Duration) Oauth2TokenExchangeCredentialsOption
- func WithTokenEndpoint(endpoint string) Oauth2TokenExchangeCredentialsOption
- type Token
- type TokenSource
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func GetSupportedOauth2TokenExchangeJwtAlgorithms ¶
func GetSupportedOauth2TokenExchangeJwtAlgorithms() []string
GetSupportedOauth2TokenExchangeJwtAlgorithms returns supported algorithms for initializing OAuth 2.0 token exchange protocol credentials from config file
func NewAccessTokenCredentials ¶
func NewAccessTokenCredentials( accessToken string, opts ...credentials.AccessTokenCredentialsOption, ) *credentials.AccessToken
NewAccessTokenCredentials makes access token credentials object Passed options redefines default values of credentials object internal fields
func NewAnonymousCredentials ¶
func NewAnonymousCredentials( opts ...credentials.AnonymousCredentialsOption, ) *credentials.Anonymous
NewAnonymousCredentials makes anonymous credentials object Passed options redefines default values of credentials object internal fields
func NewFixedTokenSource ¶
func NewFixedTokenSource(token, tokenType string) credentials.TokenSource
NewFixedTokenSource makes fixed token source for OAuth 2.0 token exchange credentials
func NewJWTTokenSource ¶
func NewJWTTokenSource(opts ...credentials.JWTTokenSourceOption) (credentials.TokenSource, error)
NewJWTTokenSource makes JWT token source for OAuth 2.0 token exchange credentials
func NewStaticCredentials ¶
func NewStaticCredentials( user, password, authEndpoint string, opts ...credentials.StaticCredentialsOption, ) *credentials.Static
NewStaticCredentials makes static credentials object
func WithAudience ¶
func WithECPrivateKeyPEMContent ¶
func WithECPrivateKeyPEMContent(key []byte) credentials.JWTTokenSourceOption
PrivateKey For EC signing methods: ES256, ES384, ES512
func WithECPrivateKeyPEMFile ¶
func WithECPrivateKeyPEMFile(path string) credentials.JWTTokenSourceOption
PrivateKey For EC signing methods: ES256, ES384, ES512
func WithGrpcDialOptions ¶
func WithGrpcDialOptions(opts ...grpc.DialOption) credentials.StaticCredentialsOption
WithGrpcDialOptions option append to static credentials object GRPC dial options
func WithHMACSecretKey ¶
func WithHMACSecretKey(key []byte) credentials.JWTTokenSourceOption
Key For HMAC signing methods: HS256, HS384, HS512
func WithHMACSecretKeyBase64Content ¶
func WithHMACSecretKeyBase64Content(base64KeyContent string) credentials.JWTTokenSourceOption
Key For HMAC signing methods: HS256, HS384, HS512
func WithHMACSecretKeyBase64File ¶
func WithHMACSecretKeyBase64File(path string) credentials.JWTTokenSourceOption
Key For HMAC signing methods: HS256, HS384, HS512
func WithHMACSecretKeyFile ¶
func WithHMACSecretKeyFile(path string) credentials.JWTTokenSourceOption
Key For HMAC signing methods: HS256, HS384, HS512
func WithPrivateKey ¶
func WithPrivateKey(key interface{}) credentials.JWTTokenSourceOption
PrivateKey
func WithRSAPrivateKeyPEMContent ¶
func WithRSAPrivateKeyPEMContent(key []byte) credentials.JWTTokenSourceOption
PrivateKey For RSA signing methods: RS256, RS384, RS512, PS256, PS384, PS512
func WithRSAPrivateKeyPEMFile ¶
func WithRSAPrivateKeyPEMFile(path string) credentials.JWTTokenSourceOption
PrivateKey For RSA signing methods: RS256, RS384, RS512, PS256, PS384, PS512
func WithSigningMethod ¶
func WithSigningMethod(method jwt.SigningMethod) credentials.JWTTokenSourceOption
SigningMethod
func WithSigningMethodName ¶
func WithSigningMethodName(method string) credentials.JWTTokenSourceOption
SigningMethod
func WithSourceInfo ¶
func WithSourceInfo(sourceInfo string) credentials.SourceInfoOption
WithSourceInfo option append to credentials object the source info for reporting source info details on error case
Types ¶
type Credentials ¶
type Credentials interface { // Token must return actual token or error Token(ctx context.Context) (string, error) }
Credentials is an interface of YDB credentials required for connect with YDB
func NewOauth2TokenExchangeCredentials ¶
func NewOauth2TokenExchangeCredentials( opts ...credentials.Oauth2TokenExchangeCredentialsOption, ) (Credentials, error)
NewOauth2TokenExchangeCredentials makes OAuth 2.0 token exchange protocol credentials object https://www.rfc-editor.org/rfc/rfc8693
func NewOauth2TokenExchangeCredentialsFile ¶
func NewOauth2TokenExchangeCredentialsFile( configFilePath string, opts ...credentials.Oauth2TokenExchangeCredentialsOption, ) (Credentials, error)
NewOauth2TokenExchangeCredentialsFile makes OAuth 2.0 token exchange protocol credentials object from config file https://www.rfc-editor.org/rfc/rfc8693 Config file must be a valid json file
Fields of json file
grant-type: [string] Grant type option (default: "urn:ietf:params:oauth:grant-type:token-exchange") res: [string | list of strings] Resource option (optional) aud: [string | list of strings] Audience option for token exchange request (optional) scope: [string | list of strings] Scope option (optional) requested-token-type: [string] Requested token type option (default: "urn:ietf:params:oauth:token-type:access_token") subject-credentials: [creds_json] Subject credentials options (optional) actor-credentials: [creds_json] Actor credentials options (optional) token-endpoint: [string] Token endpoint
Fields of creds_json (JWT):
type: [string] Token source type. Set JWT alg: [string] Algorithm for JWT signature. Supported algorithms can be listed with GetSupportedOauth2TokenExchangeJwtAlgorithms() private-key: [string] (Private) key in PEM format (RSA, EC) or Base64 format (HMAC) for JWT signature kid: [string] Key id JWT standard claim (optional) iss: [string] Issuer JWT standard claim (optional) sub: [string] Subject JWT standard claim (optional) aud: [string | list of strings] Audience JWT standard claim (optional) jti: [string] JWT ID JWT standard claim (optional) ttl: [string] Token TTL (default: 1h)
Fields of creds_json (FIXED):
type: [string] Token source type. Set FIXED token: [string] Token value token-type: [string] Token type value. It will become subject_token_type/actor_token_type parameter in token exchange request (https://www.rfc-editor.org/rfc/rfc8693)
type Oauth2TokenExchangeCredentialsOption ¶
type Oauth2TokenExchangeCredentialsOption = credentials.Oauth2TokenExchangeCredentialsOption
func WithActorToken ¶
func WithActorToken(actorToken credentials.TokenSource) Oauth2TokenExchangeCredentialsOption
ActorTokenSource
func WithFixedActorToken ¶
func WithFixedActorToken(token, tokenType string) Oauth2TokenExchangeCredentialsOption
ActorTokenSource
func WithFixedSubjectToken ¶
func WithFixedSubjectToken(token, tokenType string) Oauth2TokenExchangeCredentialsOption
SubjectTokenSource
func WithGrantType ¶
func WithGrantType(grantType string) Oauth2TokenExchangeCredentialsOption
GrantType
func WithJWTActorToken ¶
func WithJWTActorToken(opts ...credentials.JWTTokenSourceOption) Oauth2TokenExchangeCredentialsOption
ActorTokenSource
func WithJWTSubjectToken ¶
func WithJWTSubjectToken(opts ...credentials.JWTTokenSourceOption) Oauth2TokenExchangeCredentialsOption
SubjectTokenSource
func WithRequestTimeout ¶
func WithRequestTimeout(timeout time.Duration) Oauth2TokenExchangeCredentialsOption
RequestTimeout
func WithRequestedTokenType ¶
func WithRequestedTokenType(requestedTokenType string) Oauth2TokenExchangeCredentialsOption
RequestedTokenType
func WithResource ¶
func WithResource(resource string, resources ...string) Oauth2TokenExchangeCredentialsOption
Resource
func WithScope ¶
func WithScope(scope string, scopes ...string) Oauth2TokenExchangeCredentialsOption
Scope
func WithSubjectToken ¶
func WithSubjectToken(subjectToken credentials.TokenSource) Oauth2TokenExchangeCredentialsOption
SubjectTokenSource
func WithSyncExchangeTimeout ¶
func WithSyncExchangeTimeout(timeout time.Duration) Oauth2TokenExchangeCredentialsOption
SyncExchangeTimeout
func WithTokenEndpoint ¶
func WithTokenEndpoint(endpoint string) Oauth2TokenExchangeCredentialsOption
TokenEndpoint
type Token ¶
type Token = credentials.Token
type TokenSource ¶
type TokenSource = credentials.TokenSource